20/01/2024 - Version 6.4.43 Release Notes

🎯 New Features

  • Kubernetes and Istio Logging Plugin

A new Kubernetes and Istio logging plugin has been introduced to enhance log collection and observability for Kubernetes environments using Istio.

 

  • User Password Change Auditing

System logs now track all user password changes, improving security monitoring and compliance.

 

  • Check Point Harmony Endpoint Log API Integration

Support has been added for Check Point Harmony Endpoint logs, enabling seamless log collection and security event monitoring.

 

  • Discord Integration for Notifications

Discord integration has been implemented, allowing real-time notifications and incident alerts via mentions.

🔧 Bug Fixes

  • Incident Status and Sorting Issues Resolved

Fixed an issue where sorting by incident severity or status was not functioning correctly in the incident management module.

 

  • Improvements in Notification System

Addressed inconsistencies in notification messages, ensuring reliable event updates.

 

  • Search Button Visibility Issue Resolved

The search button will no longer appear when there are no matching results during reindexing.

 

  • IBM QRadar EDR API Token Management Fixed

Resolved token management issues in IBM Security QRadar EDR API, ensuring seamless authentication and API stability.

 

Enhancements in FortiAnalyzer and FortiMail Log Parsing

• Fixed normalization issues in FortiAnalyzer logs.

• Updated FortiMail plugin mapping for improved log accuracy.

 

Microsoft Defender XDR API Improvements

• Added new form fields for Scope and Base URL in Azure Graph Audit.

• Fixed API token issues for Microsoft Defender XDR to improve integration stability.

 

Citrix NetScaler ADC Log Enhancements

• Fixed timestamp normalization issues for Citrix logs, ensuring accurate event timelines.

 

Performance Optimizations

• Optimized InfluxDB query execution to reduce processing time and improve performance.

• Improved system health check log collection, fixing previous errors.

🔌 Plugin and API Poller Updates

New Plugins

• Kubernetes and Istio logging plugin added for enhanced observability.

• Citrix NetScaler ADC log plugin introduced for improved log handling.

 

Updated Plugins

• FortiAnalyzer plugin updated for better log processing.

• FortiMail plugin updated for improved event mapping and normalization.

 

API Poller Updates

• IBM Security QRadar EDR API enhancements for stable log retrieval.

• Microsoft Defender XDR API now supports improved token management.

• Check Point Harmony Endpoint Log API integration added.

📝 Other Improvements

Export and Parser Enhancements

• Export functionality for Zookeeper configurations has been reintroduced, ensuring proper configuration backup management.

• Fixed cron job issues in legacy parsers, improving scheduled log processing.

 

Web Interface Fixes

• Resolved logout errors in the web interface, ensuring a smoother user experience.

 

This release focuses on enhancing security monitoring, improving integrations, and optimizing system performance to provide a more stable and feature-rich experience. 🚀
